• Journal of KIISE:Information Networking
• /
• v.35 no.1
• /
• pp.76-90
• /
• 2008

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing such as home environmental, industrial, and military applications. Compared with the vivid utilization of the sensor networks, however, security and privacy issues of the sensor networks are still in their infancy because unique challenges of the sensor networks make it difficult to adopt conventional security policies. Especially, node compromise is a critical threat because a compromised node can drain out the finite amount of energy resources in battery-powered sensor networks by launching various insider attacks such as a false data injection. Even cryptographic authentication mechanisms and key management schemes cannot suggest solutions for the real root of the insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme which identifies trustworthiness of sensor nodes and filters out false data of compromised nodes to make resilient sensor networks. The proposed scheme suggests a defensible approach against the insider attack beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is more resilient alternative to median.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.177-189
• /
• 2023

Malware detection is an increasingly important operational focus in cyber security, particularly given the fast pace of such threats (e.g., new malware variants introduced every day). There has been great interest in exploring the use of machine learning techniques in automating and enhancing the effectiveness of malware detection and analysis. In this paper, we present a deep recurrent neural network solution as a stacked Long Short-Term Memory (LSTM) with a pre-training as a regularization method to avoid random network initialization. In our proposal, we use global and short dependencies of the inputs. With pre-training, we avoid random initialization and are able to improve the accuracy and robustness of malware threat hunting. The proposed method speeds up the convergence (in comparison to stacked LSTM) by reducing the length of malware OpCode or bytecode sequences. Hence, the complexity of our final method is reduced. This leads to better accuracy, higher Mattews Correlation Coefficients (MCC), and Area Under the Curve (AUC) in comparison to a standard LSTM with similar detection time. Our proposed method can be applied in real-time malware threat hunting, particularly for safety critical systems such as eHealth or Internet of Military of Things where poor convergence of the model could lead to catastrophic consequences. We evaluate the effectiveness of our proposed method on Windows, Ransomware, Internet of Things (IoT), and Android malware datasets using both static and dynamic analysis. For the IoT malware detection, we also present a comparative summary of the performance on an IoT-specific dataset of our proposed method and the standard stacked LSTM method. More specifically, of our proposed method achieves an accuracy of 99.1% in detecting IoT malware samples, with AUC of 0.985, and MCC of 0.95; thus, outperforming standard LSTM based methods in these key metrics.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.64-70
• /
• 2023

Maritime transport is dominant in the overall volume of all international transportation. Existence and overcoming of problems, which cause pressure on shipping safety, remain actual and fully concern both maritime and inland transport. Increasing speed and cargo capacity of the ships along with the reduction of crew members lead to the automation of a growing number of work processes, which indicates the need to actively introduce appropriate measures in the security system of sea-going ships and commercial ports and to develop modern approaches to minimize negative events and incidents in the process of ship operation. Advantages in use of modern methods of monitoring the safety of ship operations, management of possible events and incidents, including investigation of accidents, first, aimed at prevention of negative occurrences and ways of prevention on this basis. Considering statistics on incidents increase, this work presents analysis of general ship accident rate, study of major accidental events growth annually, and investigation of causes of incidents, which most frequently occur in port waters and at open sea. A survey of current approaches to ensuring the safety of shipping by implementing effective tools, such as event and incident management, has been conducted.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.8
• /
• pp.859-867
• /
• 2016

The Global Positioning System is a navigation system that has been developed by the United States for military use. Currently, many countries, including the Republic of Korea, use GPS for civilian and military uses. However, as useful as it is, GPS is vulnerable to its Jamming signal, as the strength of the signal from satellites is very weak. In this paper, a novel jamming signal detection and cancellation method is proposed when a narrow-band jamming signal is included in the GPS received signal. At the GPS receiver, the received signal is transformed to a frequency domain sample by Fast Fourier Transform. In order to suppress the Spectral Leakage, the Blackman-Harris window is used. The proposed jamming signal cancellation algorithm will find the frequency sample with maximum power and null the maximum sample in addition to some lateral samples. If the GPS receiver is designed with FFT of size 128 to 512, it is shown that 42 samples are optimal to cancel the narrow-band jamming signal.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.77-85
• /
• 2019

As the Internet continues to evolve, cyber attacks are becoming more precise and covert. Anonymous communication, which is used to protect personal privacy, is also being used for cyber attacks. Not only it hides the attacker's IP address but also encrypts traffic, which allows users to bypass the information protection system that most organizations and institutions are using to defend cyber attacks. For this reason, anonymous communication can be used as a means of attacking malicious code or for downloading additional malware. Therefore, this study aims to suggest a method to detect and block encrypted anonymous communication as quickly as possible through artificial intelligence. Furthermore, it will be applied to the defense to detect malicious communication and contribute to preventing the leakage of important data and cyber attacks.

• Journal of Satellite, Information and Communications
• /
• v.12 no.2
• /
• pp.99-103
• /
• 2017

Recently, acccording to price decline and miniaturization of drone, it is increased dramatically that drone usage in various category including military and private sectors. In accordance with popular usage, There is a increasing risk of safety accident, national security and public privacy problem. Hence there is a high demand for study and analysis applicable to the related technology and anti-drone method including drone detection and jamming. In general, it is extremely difficult to detect and recognize drones using conventional sensors. In this paper, we classify drone detection technology and Drone detection experiments are performed using CW RADAR to obtain and analyze micro-doppler pattern. This preliminary study aims to provide fundamental theory on radar drone detection and experimental test results such that in-depth anti-drone technology can be established in future.

• Journal of Korea Multimedia Society
• /
• v.8 no.7
• /
• pp.974-987
• /
• 2005

As the ad hoc networks have been received a great deal of attention to not only the military but also the industry applications, some security mechanisms are required for implementing a practical ad hoc application. In this paper, we propose a security architecture in ad hoc networks for the purpose of supporting ID-based public key cryptosystems because of the advantage that ID-based schemes require less complex infrastructure compared with the traditional public key cryptosystems. We assume a trusted key generation center which only issues a private key derived from IDs of every nodes in the system setup phase, and use NIL(Node ID List) and NRL(Node Revocation List) in order to distribute the information about IDs used as public keys in our system. Furthermore, we propose a collaborative status checking mechanism that is performed by nodes themselves not by a central server in ad-hoc network to check the validity of the IDs.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.21-26
• /
• 2004

The growth of incidents on the Internet has reflected growth of the internet itself and growth of the computing power. while in previous years, external attacks tended to originate from those interested trend in exploring the Internet for its own sake and testing their skills, there is an increasing trend towards intrusions motivated by financial, political, and military objectives. so, attacks on the nation's computer infrastructures are becoming an increasingly serious problem. Even though the problem is ubiquitious, government agencies are particularly appealing targets and they tend to be more willing to reveal such events than commercial organizations. The threat of damage made necessity of security's recognition, as a result, many researches have been carried out into security of system actively. Intrusion Detection technology is detection of intrusion using audit data differently from using traditional simple filtering and informs manager of it. It has security manager of system deal with the intrusion more quickly. but, cause current environment of Internet manager can't doing response Intrusion alert immediately. That's why IPS needed. IPS can response automatically the intrusion alert. so, manager is more comfortable and can response quickly.

• Spatial Information Research
• /
• v.21 no.4
• /
• pp.15-24
• /
• 2013

Recently, as the spatial information and various multimedia are fused together, the demand for the high value-added spatial information contents and the necessity of technology for spatial information security are increasing. However, since the current security policy is being managed independently by each system, there is a problem with unreliable or costly to modify or revise the security policy. Such problems occur frequently in the process of coordination or integration of the spatial information management systems that are used in public institutions and private companies. Therefore, in this paper, the access control system that could provide an integrated security policy for many spatial platforms and systems with expandable grammar and semantics was designed and implemented based on GeoXACML proposed by OGC. As the GeoXACML-based access control system designed and implemented in this paper follows the international standard specifications, it provides high portability and interoperability. Finally, in this paper, the efficiency of the system was proved by applying it to a virtual scenario on the military area requiring the access control.

• SUVANNABHUMI
• /
• v.14 no.2
• /
• pp.117-148
• /
• 2022

The full impact of COVID-19 has yet to be felt: while it may not define the new decade, it is clear that its immediate significance was to test many of the basic operating assumptions and procedures of global civilization. Even as vaccines are developed and utilized and even as it is possible to see the beginning of the end of COVID-19 as a discrete historical event, it remains unclear as to its ultimate importance. That said, it is evident that the academic exploration of Southeast Asia will also be affected by both the global and regional experiences of the pandemic. "Breakthroughs of Area Studies and ASEAN in the Era of Homo Untact" promises to help reconceptualize the study of the region by highlighting the importance of redefined spatial relationships and new potentially depersonalized modes of communication. This paper acknowledges these issues by suggesting that the transformations caused by the pandemic should motivate scholars to raise new questions about how to understand humanity-particularly as it is defined by societies, nations and regions. Given that COVID-19 (and the response to it) has altered many of the fundamental rhythms of globalized regions, there is sufficient warrant for re-examining both the ways in which disease, health and their related spaces affect the perceptions of Southeast Asia. To achieve "breakthroughs" into the investigation of the region, it makes sense to have another glance at the ways in which the discourses about diseases and health may have helped to inscribe definitions of Southeast Asia-or, at the very least, the nations, societies and peoples who live within it. In order to at least consider these larger issues, the discussion will concentrate on a formative moment in the conceptualization of Southeast Asia-British engagement with the region in the late 18^th and early 19^th centuries. To that end three themes will be highlighted: (1) the role that British diplomatic and military narratives played in establishing the information priorities required for the construction of colonial knowledge; (2) the importance not only of "colonial knowledge" but information making in its own right; (3) in anticipation of the use of big data, the manner in which manufactured information (related to space and disease) could function in shaping early British perceptions of Southeast Asia-particularly in Batavia and Java. This discussion will suggest that rather than see social distancing or increased communication as the greatest outcome of COVID-19, instead it will be the use of data-that is, big, aggregated biometric data which have not only shaped responses to the pandemic, but remain likely to produce the reconceptualization of both information and knowledge about the region in a way that will be at least as great as that which took place to meet the needs of the "New Imperialism." Furthermore, the definition and articulation of Southeast Asia has often reflected political and security considerations. Yet, the experience of COVID-19 could prove that data and security are now fused into a set of interests critical to policy-makers. Given that the pandemic should accelerate many existing trends, it might be foreseen these developments will herald the triumph of homo indicina: an epistemic condition whereby the human subject has become a kind of index for its harvestable data. If so, the "breakthroughs" for those who study Southeast Asia will follow in due course.